Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster

From: Rohit Khare (Rohit@KnowNow.com)
Date: Fri Sep 29 2000 - 21:27:59 PDT

• Next message: Tony Finch: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"
• Previous message: Gavin Thomas Nicol: "RE: XML / XSL vs. [x]HTML / WML / etc. etc."
• In reply to: Tony Finch: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"
• Next in thread: Tony Finch: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"
• Reply: Tony Finch: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"
• Reply: Jeff Bone: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"

So we've had recent comments on A) flaming and B) new bits as part of
the culture of FoRK.

[Lord knows *I* don't have much to do with these things these days
:-) y'all are all on yer own!]

So, Tony, consider this a flame: What the hell bits do you have to
back up your touchy-feely, heeby-jeeby unsubstantiated,
soon-to-die-in-bit-to-bit-mortal-kombat assertion below?

>>This [HTTP2P] gives me the security heebiejeebies.

Is it merely the fact that by mapping onto existing practices that
"Web security" is crappy enough to run a multi-trillion dollar
economy? Or that you have some secret plan to end the war in Vietnam?

As we're designing the security policies for various scenarios at
KnowNow, it kills me I can't deploy the Right Answer (TM). The right
answers *are* within reach -- technically -- as trust management
concepts like policy programs sprout up.

But they are *not* within shippable reach. People understand locks
and keys and file cabinets and blacklists. Credentialling,
delegation, and webs of trust are out of the commercial question.

I'm a little sick of folks dissing the theoretical impossibility of the Web.

Or are you implying another tack, that no one could write a
reasonably-secure HTTP microserver capable of withstanding serious
security auditing? I hear no less than Jef Poskanzer has one that
runs off of inetd in 150 lines of C.

And if you can still sleep at night Tony, and this sort of thing
really does bring out the dreaded <heeby type=jeebie />s, then lie
awake contemplating the fact that not only does Windows ME come with
an optional Personal Web Server (as Win and Mac and Linux installs
have for years now)... but it comes with one bound into the kernel
hiding high up in portspace as "Universal Plug and Play"

;-)
Rohit

At 12:04 AM +0000 9/30/00, Tony Finch wrote:
>Adam Rifkin <Adam@KnowNow.Com> wrote:
>>
>>[Jon Udell] A few years ago, I became fascinated with the
> >possibilities inherent in peer-to-peer HTTP networking.
>
>This gives me the security heebiejeebies.
>
>Tony.
>--
>en oeccget g mtcaa f.a.n.finch
>v spdlkishrhtewe y dot@dotat.at
>eatp o v eiti i d. fanf@covalent.net

• Next message: Tony Finch: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"
• Previous message: Gavin Thomas Nicol: "RE: XML / XSL vs. [x]HTML / WML / etc. etc."
• In reply to: Tony Finch: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"
• Next in thread: Tony Finch: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"
• Reply: Tony Finch: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"
• Reply: Jeff Bone: "Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster"

This archive was generated by hypermail 2b29 : Sat Sep 30 2000 - 06:07:50 PDT